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~ The MAILING DATE of this communication appears on the cover sheet with the correspondence address- 

All claims being allowable, PROSECUTION ON THE MERITS IS (OR REMAINS) CLOSED in this application. If not included 
herewith (or previously mailed), a Notice of Allowance (PTOL-85) or other appropriate communication will be mailed in due course. THIS 
NOTICE OF ALLOWABILITY IS NOT A GRANT OF PATENT RIGHTS. This application is subject to withdrawal from issue at the initiative 
of the Office or upon petition by the applicant. See 37 CFR 1.313 and MPEP 1308. 

1 . |EI This communication is responsive to Amendment F dated September 8, 2009. 

2. ^ The allowed claim(s) is/are 1-8,10-16 and 18-26 (renumbered 1-24 respectively) . 
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3. □ Copies of the certified copies of the priority documents have been received in this national stage application from the 

International Bureau (PCT Rule 17.2(a)). 
* Certified copies not received: . 

Applicant has THREE MONTHS FROM THE "MAILING DATE" of this communication to file a reply complying with the requirements 
noted below. Failure to timely comply will result in ABANDONMENT of this application. 
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(b) □ including changes required by the attached Examiner's Amendment / Comment or in the Office action of 

Paper No./Mail Date . 
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EXAMINER'S AMENDMENT 

1 . An examiner's amendment to the record appears below. Should the changes 
and/or additions be unacceptable to applicant, an amendment may be filed as provided 
by 37 CFR 1 .312. To ensure consideration of such an amendment, it MUST be 
submitted no later than the payment of the issue fee. 

Authorization for this examiner's amendment was given in a telephone interview 
with Elise R. Heilbrunn (Reg No. 42,649) on December 17, 2009. 

The application has been amended as follows: 

1 . (Currently Amended) In a network device for routing a packet , a method of performing 
Network Address Translation , comprising: 

maintaining a plurality of routing tables, each of a plurality of virtual private networks 
being associated with a different one of the plurality of routing tables; 

receiving a packet, the packet including an IP source address and an IP destination 
address, the packet further including information indicating one of the plurality of routing tables 
to route the packet, the information identifying one of the plurality of virtual private networks; 

performing Network Address Translation on the packet using a translation table to 
generate a translated packet ; 

identifying one of the plurality of routing tables to route the translated packet using the 
information indicating one of the plurality of routing tables to route the packet such that one of 
the plurality of routing tables corresponding to the one of the plurality of virtual private networks 
is identified; 
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identifying an entry in the identified one of the plurality of routing tables using the IP 
destination address; 

routing the translated packet using the identified routing table entry; 

receiving a default route to a network device providing one or more shared services, the 
default route to the network device providing one or more shared services being advertised by 
the network device providing one or more shared services, wherein each of the shared services is 
available to each of the plurality of virtual private networks; and 

updating each of the plurality of routing tables to include the default route, thereby 
enabling the plurality of virtual private networks to access the shared services via the default 
route that is included in each of the plurality of routing tables. 

2. (Previously Presented) The method as recited in claim 1 , wherein each of the 
plurality of virtual private networks is associated with a different customer. 

3. (Original) The method as recited in claim 1, wherein the network device is associated 
with an ingress interface of a service provider network. 

4. (Original) The method as recited in claim 1, wherein the network device is associated 
with an egress interface of a service provider network. 

5. (Original) The method as recited in claim 1, wherein the network device is associated 
with a service provider network. 
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6. (Previously Presented) The method as recited in claim 1 , wherein performing 
Network Address Translation on the packet comprises: 

translating the IP source address from a private address to a public address when the 
packet is received from a network device in a private network. 

7. (Previously Presented) The method as recited in claim 1, wherein performing 
Network Address Translation on the packet comprises: 

translating the IP destination address from a public address to a private address when the 
packet is received from a network device in a public network. 

8. (Previously Presented) The method as recited in claim 7, wherein the network 
device in the public network provides one or more services to each of the plurality of virtual 
private networks. 

9. (Cancelled) 

10. (Previously Presented) The method as recited in claim 1, wherein the 
packet includes an MPLS tag identifying the one of the plurality of virtual private networks, and 
wherein identifying one of the plurality of routing tables comprises: 

ascertaining the one of the plurality of virtual private networks from the Multi Protocol 
Label Switching tag; and 
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identifying the one of the plurality of routing tables associated with the ascertained one of 
the virtual private networks. 

1 1 . (Previously Presented) The method as recited in claim 1 0, wherein the Multi 
Protocol Label Switching tag further identifies the network device responsible for performing 
Network Address Translation and routing the packet. 

12. (Currently Amended) In a network device for routing a packet , a method of performing 
Network Address Translation , comprising: 

maintaining a plurality of routing tables, each of a plurality of virtual private networks 
being associated with a different one of the plurality of routing tables; 

receiving a packet, the packet including an IP source address and an IP destination 
address , and a Multi Protocol Label Switching tag identifying the one of the plurality of virtual 
private networks , the packet further including information indicating one of the plurality of 
routing tables to route the packet, the information identifying one of the plurality of virtual 
private networks; 

ascertaining one of the plurality of virtual private networks from the Multi Protocol Label 
Switching tag; 

identifying an entry in a translation table including the IP source address, the IP 
destination address, and a virtual private network identifier identifying the ascertained one of the 
virtual private networks; 
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performing Network Address Translation on the packet using the entry in the translation 
table to generate a translated packet ; 

identifying one of the plurality of routing tables to route the translated packet using the 
information indicating one of the plurality of routing tables to route the packet such that one of 
the plurality of routing tables corresponding to the one of the plurality of virtual private networks 
is identified; 

identifying an entry in the identified one of the plurality of routing tables using the IP 

destination address; and 

routing the translated packet using the identified routing table entryt 

wherein the packet further includes an Multi Protocol Label Switching tag identifying the 

one of the plurality of virtual private networks, and whoroin performing Network Address 

Translation on the packet comprises: 

ascertaining the one of the plurality of virtual private networks from the Multi Protocol 

Label Switching tag; 

identifying an entry in a translation table including the IP source address, the IP 
destination address, and a virtual private network identifier identifying the ascertained one of the 
virtual private networks; and 

performing Network Address Translation on the packet using the entry in the translation 

table. 

1 3 . (Previously Presented) The method as recited in claim 12, wherein identifying one 

of the plurality of routing tables to route the packet comprises: 
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identifying the one of the plurality of routing tables from the entry in the translation table. 

14. (Currently Amended) In a network device for routing a packet , a method of performing 
Network Address Translation , comprising: 

maintaining a plurality of sets of routing information, each of a plurality of virtual private 
networks being associated with a different one of the plurality of sets of routing information; 

receiving a packet, the packet including an IP source address and an IP destination 
address, the packet further including information indicating one of the plurality of sets of routing 
information to route the packet, the information identifying one of the plurality of virtual private 
networks; 

performing Network Address Translation on the packet using a translation table to 
generate a translated packet ; 

identifying an entry in one of the plurality of sets of routing information using the IP 
destination address and the information indicating one of the plurality of sets of routing 
information to route the packet such that one of the plurality of sets of routing information 
corresponding to the one of the plurality of virtual private networks is identified; 

routing the translated packet using the identified entry; 

receiving a default route to a network device providing one or more shared services, the 
default route to the network device providing one or more shared services being advertised by 
the network device providing one or more shared services, wherein each of the shared services is 
available to each of the plurality of virtual private networks; and 
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updating the plurality of sets of routing information to include the default route, wherein 
each of the plurality of sets of routing information corresponding to each of the plurality of 
virtual private networks is stored in one or more routing tables, thereby updating the one or more 
routing tables associated with the plurality of virtual private networks to include the default route 
to the network device providing one or more shared services available to each of the plurality of 
virtual private networks, enabling the plurality of virtual private networks to access the shared 
services via the default route that is included in each of the plurality of sets of routing 
information. 

1 5 . (Previously Presented) The method as recited in claim 14, wherein each of the plurality 
of sets of routing information corresponding to each of the plurality of virtual private networks is 
stored in a separate routing table. 

16. (Previously Presented) The method as recited in claim 14, wherein each of the 
plurality of sets of routing information corresponding to each of the plurality of virtual private 
networks is stored in a single routing table, wherein each entry in the routing table includes a 
VPN identifier identifying the corresponding one of the plurality of virtual private networks. 

17. (Cancelled) 

18. (Previously Presented) The method as recited in claim 14, wherein updating the 
plurality of sets of routing information comprises: 
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updating a single routing table to include the default route. 



1 9 . (Previously Presented) 



The method as recited in claim 18, wherein the single 



routing table is dedicated to storing the default route to shared services available to each of the 
plurality of virtual private networks. 

20. (Previously Presented) The method as recited in claim 1 8, wherein the single routing 
table stores the plurality of sets of routing information. 



plurality of sets of routing information comprises updating a plurality of routing tables to include 
the default route, each of the plurality of routing tables being associated with a different one of 
the plurality of virtual private networks. 

22. (Currently Amended) A computer-readable medium storing thereon computer-readable 
instructions for routing a packet performing Network Address Translation in a network device, 
comprising: 

instructions for maintaining a plurality of routing tables, each of a plurality of virtual 
private networks being associated with a different one of the plurality of routing tables; 

instructions for processing a packet that has been received, the packet including an IP 
source address and an IP destination address, the packet further including information indicating 



2 1 . (Previously Presented) 



The method as recited in claim 14, wherein updating the 
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one of the plurality of routing tables to route the packet, the information identifying one of the 
plurality of virtual private networks; 

instructions for performing Network Address Translation on the packet using a 
translation table to generate a translated packet ; 

instructions for identifying one of the plurality of routing tables to route the translated 
packet using the information indicating one of the plurality of routing tables to route the packet 
such that one of the plurality of routing tables corresponding to the one of the plurality of virtual 
private networks is identified; 

instructions for identifying an entry in the identified one of the plurality of routing tables 
using the IP destination address; 

instructions for routing the translated packet using the identified routing table entry; 

receiving a default route to a network device providing one or more shared 3orvicos, the 
default route to the network device providing one or more shared services being advertised by 
the network device providing one or more shared services, wherein each of the shared services is 
available to each of the plurality of virtual private networks; and 

instructions for updating each of the plurality of routing tables to include the a_default 
route to a network device providing one or more shared services, the default route to the network 
device providing one or more shared services being advertised by the network device providing 
one or more shared services, wherein each of the shared services is available to each of the 
plurality of virtual private networks , thereby enabling the plurality of virtual private networks to 
access the shared services via the default route that is included in each of the plurality of routing 
tables. 
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Address Translation , comprising: 

means for maintaining a plurality of routing tables, each of a plurality of virtual private 
networks being associated with a different one of the plurality of routing tables; 

means for receiving a packet, the packet including an IP source address and an IP 
destination address, the packet further including information indicating one of the plurality of 
routing tables to route the packet, the information identifying one of the plurality of virtual 
private networks; 

means for performing Network Address Translation on the packet using a translation 
table to generate a translated packet ; 

means for identifying one of the plurality of routing tables to route the translated packet 
using the information indicating one of the plurality of routing tables to route the packet such 
that one of the plurality of routing tables corresponding to the one of the plurality of virtual 
private networks is identified; 

means for identifying an entry in the identified one of the plurality of routing tables using 
the IP destination address; 

means for routing the translated packet using the identified routing table entry; 

means for receiving a default route to a network device providing one or more shared 
services, the default route to the network device providing one or more shared services being 
advertised by the network device providing one or more shared services, wherein each of the 
shared services is available to each of the plurality of virtual private networks; and 
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means for updating each of the plurality of routing tables to include the default route, 
thereby enabling the plurality of virtual private networks to access the shared services via the 
default route that is included in each of the plurality of routing tables. 

24. (Currently Amended) A network device adapted for performing Network Address 
Translation , comprising: 
a processor; and 

a memory, at least one of the processor or the memory being adapted for: 

maintaining a plurality of routing tables, each of a plurality of virtual private networks 
being associated with a different one of the plurality of routing tables; 

receiving a packet, the packet including an IP source address and an IP destination 
address, the packet further including information indicating one of the plurality of routing tables 
to route the packet, the information identifying one of the plurality of virtual private networks; 

performing Network Address Translation on the packet using a translation table to 
generate a translated packet ; 

identifying one of the plurality of routing tables to route the translated packet using the 
information indicating one of the plurality of routing tables to route the packet such that one of 
the plurality of routing tables corresponding to the one of the plurality of virtual private networks 
is identified; 

identifying an entry in the identified one of the plurality of routing tables using the IP 
destination address; 

routing the translated packet using the identified routing table entry; 
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receiving a default route to a network device providing one or more shared services, the 
default route to the network device providing one or more shared services being advertised by 
the network device providing one or more shared services, wherein each of the shared services is 
available to each of the plurality of virtual private networks; and 

updating each of the plurality of routing tables to include the default route, thereby 
enabling the plurality of virtual private networks to access the shared services via the default 
route that is included in each of the plurality of routing tables. 

25. (Currently Amended) An apparatus, comprising: 
a processor; and 

a memory, at least one of the processor or the memory being adapted for: 
maintaining a plurality of routing tables, each of a plurality of virtual private networks 
being associated with a different one of the plurality of routing tables; 

receiving a packet, the packet including an IP source address and an IP destination 
address , and a Multi Protocol Label Switching tag identifying the one of the plurality of virtual 
private networks , the packet further including information indicating one of the plurality of 
routing tables to route the packet, the information identifying one of the plurality of virtual 
private networks; 

ascertaining one of the plurality of virtual private networks from the Multi Protocol Label 
Switching tag; 
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identifying an entry in a translation table including the IP source address, the IP 
destination address, and a virtual private network identifier identifying the ascertained one of the 
virtual private networks; 

performing Network Address Translation on the packet using the entry in the translation 
table to generate a translated packet ; 

identifying one of the plurality of routing tables to route the translated packet using the 
information indicating one of the plurality of routing tables to route the packet such that one of 
the plurality of routing tables corresponding to the one of the plurality of virtual private networks 
is identified; 

identifying an entry in the identified one of the plurality of routing tables using the IP 
destination address; and 

routing the translated packet using the identified routing table entry; 

whoroin the packet further includes an Multi Protocol Label Switching tag identifying the 
one of the plurality of virtual private networks, and wherein performing Network Address 
Translation on the packet comprises: 

ascertaining the one of the plurality of virtual private networks from the Multi Protocol 

Label Switching tag; 

identifying an entry in a translation table including the IP source address, the IP 

destination address, and a virtual private network identifier identifying the ascertained one of the 
virtual private networks; and 

performing Network Address Translation on the packet using the entry in the translation 
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26. (Previously Presented) The apparatus as recited in claim 25, wherein identifying 

one of the plurality of routing tables to route the packet comprises: 

identifying the one of the plurality of routing tables from the entry in the translation table. 

2. The following is an examiner's statement of reasons for allowance: 

With regard to claims 1 and 22-24, the prior art of record fails to anticipate or 
make obvious "... maintaining a plurality of routing tables, each of a plurality of virtual 
private networks being associated with a different one of the plurality of routing tables; 

receiving a packet, the packet including ... an IP destination address, the packet 
further including information indicating one of the plurality of routing tables to route the 
packet, the information identifying one of the plurality of virtual private networks; 

performing Network Address Translation on the packet using a translation table 
to generate a translated packet; 

identifying one of the plurality of routing tables to route the translated packet 
using the information indicating one of the plurality of routing tables to route the packet 
such that one of the plurality of routing tables corresponding to the one of the plurality of 
virtual private networks is identified; 

identifying an entry in the identified one of the plurality of routing tables using the 
IP destination address; 

routing the translated packet using the identified routing table entry; 
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With regard to claims 12 and 25, the prior art of record fails to anticipate or make 
obvious "... maintaining a plurality of routing tables, each of a plurality of virtual private 
networks being associated with a different one of the plurality of routing tables; 

receiving a packet, the packet including ... an IP destination address, and a 
MPLS tag identifying the one of the plurality of virtual private networks, the packet 
further including information indicating one of the plurality of routing tables to route the 
packet, the information identifying one of the plurality of virtual private networks; 

ascertaining one of the plurality of virtual private networks from the MPLS tag; 

identifying an entry in a translation table ... identifying the ascertained one of the 
virtual private networks; 

performing Network Address Translation on the packet using the entry in the 
translation table to generate a translated packet; 

identifying one of the plurality of routing tables to route the translated packet 
using the information indicating one of the plurality of routing tables to route the packet 
such that one of the plurality of routing tables corresponding to the one of the plurality of 
virtual private networks is identified; 

identifying an entry in the identified one of the plurality of routing tables using the 
IP destination address; 

routing the translated packet using the identified routing table entry; 
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With regard to claim 14, the prior art of record fails to anticipate or make obvious 
"... maintaining a plurality of sets of routing information, each of a plurality of virtual 
private networks being associated with a different one of the plurality of routing tables; 

receiving a packet, the packet including ... an IP destination address, the packet 
further including information indicating one of the plurality of sets of routing information 
to route the packet, the information identifying one of the plurality of virtual private 
networks; 

performing Network Address Translation on the packet using a translation table 
to generate a translated packet; 

identifying an entry in one of the plurality of sets of routing information using the 
IP destination address and the information indicating one of the plurality of sets of 
routing information to route the packet such that one of the plurality of sets of routing 
information corresponding to the one of the plurality of virtual private networks is 
identified; 

routing the translated packet using the identified entry; 

Any comments considered necessary by applicant must be submitted no later 
than the payment of the issue fee and, to avoid processing delays, should preferably 
accompany the issue fee. Such submissions should be clearly labeled "Comments on 
Statement of Reasons for Allowance." 



3. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to BLANCHE WONG whose telephone number is 
(571)272-3177. The examiner can normally be reached on Monday through Friday, 
830am to 530pm. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on 571-272-3795. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



/Blanche Wong/ 
Examiner, Art Unit 2476 
December 17, 2009 

/Ayaz R. Sheikh/ 

Supervisory Patent Examiner, Art Unit 2476 



